Prophylaxis

[solarbear]

I wanted to start a little discourse relating to members and their OS anti-virus ,firewall and browser sandbox trial, error and genuine smugness.

if it has worked for you, other members may chime in.

also, any by-gone stories of infections are interesting also.

last time i was infected was 2005, got it from IRC, it was called bloodhound. and my laptop was boot-looping,, i didn't know much about PC maintenance back then, but i knew how to run the crap out of them for sure. luckily i had the recovery disc and my files were backed up and burned to CD and all was well.

Anyone remember the early 1990s and IRC? we had to collect from fellow channel members fserve back then. that was back before digi-cams were mainstream, so a scan was kind of difficult to acquire. I remember the Aussie channel members were really heapin ALS Scan to heck. The same ALS scan that is doing legal maneuvers to this day and causing malaise

anyway, back then it was dial-up and pretty much everyone on dial-up was secure because the DNS was scrambled on each connect, but once i went broadband in 2005, it wasn't two weeks before i got a dose. after that, i was really interested in antivirus and firewalls and browser protection.

i have since then learned the joys of linux, and how easy it was , i thought it would be a dereliction of standards, but one day i decided to see what the hype was about..i booted up and went to town in my browser in minutes. i did some googling to check if i was configured right, and learned to enable the firewall, sandbox and install no-script on my pale moon browser and viola. I haven't looked back.

now i just keep windows vista in isolation as a second boot option

[Welderman]

I don't know what any of that means.

[halvar]

Quote:

Originally Posted by solarbear

i have since then learned the joys of linux, and how easy it was , i thought it would be a dereliction of standards, but one day i decided to see what the hype was about..i booted up and went to town in my browser in minutes. i did some googling to check if i was configured right, and learned to enable the firewall, sandbox and install no-script on my pale moon browser and viola. I haven't looked back.

Now i just keep windows vista in isolation as a second boot option

Same here. I use Linux almost exclusively. Windows 7 runs in a Virtual Box if I really need it. While Linux is somewhat more safe than Windows it had it's own share of vulnerabilities. But as long as the market share is low, it is not profitable to attack Linux. Most attacks nowadays are by word or pdf email attachments aimed at Windows.

Some say that most anti virus software is pointless and even dangerous, since it opens a whole new attack vector.

Usually you are protected by the firewall/nat of your router. As long as you do not download and install malicious software you should be safe. Only use software from reliable sources. This applies for all systems, mac, windows, Linux and your phone.

My recommendations:

• Keep your systems updated. All of them, don't forget your router.
• Create Backups regularly. Test the backups! (Once my boss thought that he had backed up our mail server, but the backups turned out to be empty )
• Use a good router from a supplier that provides security updates
• Boot from a live cd/usb to do your banking
• Use different passwords for different services
• Use an ad blocker
• Do not make devices in your local network visible to the outside world (web cams, home automation, IOT, ...)
• If possible, use wired network (not possible for me )
• ...

[MrLinc]

Linux user here too. I've been on Ubuntu/Xubuntu on my home computer for the last 10 years or so. Only use Windows at my workplace.

[solarbear]

Thankies for the pointers, I wasn't aware of the .doc syndrome. i know .doc is the industry standard. Linux is bundled with libreoffice for documents, don't know how vulnerable it is to malware though. I figured out how to get fast stone and ms paint running with wine,. but now i worry wine is opening vulnerablities in the linux mint OS.

[halvar]

Quote:

Originally Posted by solarbear

Thankies for the pointers, I wasn't aware of the .doc syndrome. i know .doc is the industry standard. Linux is bundled with libreoffice for documents, don't know how vulnerable it is to malware though. I figured out how to get fast stone and ms paint running with wine,. but now i worry wine is opening vulnerablities in the linux mint OS.

there are generally two types of attacks using email attachments or downloads

• tricking the user to execute a program. This could be a macro in an office document or a somehow hidden executable (vb script, ...)
• exploiting buffer overflows. These are errors in programs like pdf viewers or unpackers that are used to execute arbitrary code.

Linux usually protects you from these because its inner workings are different from windows. So exploits of Windows vulnerabilities do not work. There could be exploits specifically targeted against Linux programs like okular or gpdf. But the small market share and the variety of Linux flavors makes that less probable. So you should be safe with wine.

By the way: there is a nice native ms paint Linux alternative: pinta.
(Or did I miss the joke about running ms paint in wine?)

[solarbear]

I tried a few linux alternatives, but the ms paint from XP is just what i was used to and flows the editing process relatively seamlessly. I think the PIX editor is almost there, bit still not as good. I like how ms paint saves a file and reduces the byte size . I looked it up and read about how ms paint does that, i would like to believe it is not damaging the image quality when it saves the file. i was looking at the faststone resizer and how it reduces file size, and after tweaking the settings, the saved files are keeping the quality of the image quite well. i always suggest to not use the defaults in fast stone as degraded images of the same name and content is not the desired result. I always target that .3 mb file size as a rule, but there are always exceptions.

So, the topic of e-mail attachments as malware vectors. I think linux is bundled with mozilla thunderbird as an e-mail client. i haven't used it, but i would believe it is a pop-3 capable. i think i read g-mail is auto-contain. a little googling may be in order...

from everything i read, malware needs to have system permissions, and anti0virus add-ons are prime targets as it has deep system permissions.